The Italian privacy regulator has hit Foodinho, an Italian food delivery company, with a €2.6 million fine for infringing the GDPR by using an automated algorithm to rate its delivery personnel and increase or decrease food orders assigned to them. Foodinho’s algorithm used a variety of data to assess the performance of its delivery personnel. This included chats, emails and ...
The Court of Justice of the European Union (CJEU) has held that operators of online platforms to which users post copyright-protected content are not liable for copyright infringement in such user-posted content if they meet certain conditions. First, they must not contribute to giving access to such content to the public in breach of copyright, beyond merely making those platforms ...
The U.S. Supreme Court has held that a Pennsylvania high school violated the First Amendment of the Constitution in suspending a 14-year-old student after she posted two messages on Snapchat containing vulgar language directed at the school and school officials. The student posted the messages when she was off school grounds.
The Supreme Court considered whether a 1969 ruling, holding ...
After two rounds of public comments, the Data Security Law (DSL) of the People’s Republic of China was formally issued on June 10, 2021. The DSL, effective September 1, 2021, establishes a series of principles and policies designed to ensure the protected and effective use of data. It governs both data activities conducted in China, and data activities conducted outside ...
U.S. President Joe Biden issued an Executive Order aimed at addressing threats arising from the use of connected software applications designed, developed, manufactured, or supplied by foreign adversaries. Connected software applications are software programs that include the ability to collect, process, or transmit data through the Internet.
According to the Executive Order’s explanatory notes, connected software applications can provide foreign ...
The EU Commission formally recognized the United Kingdom as an adequate jurisdiction for cross-border transfers of data governed by the GDPR. The UK now joins about a dozen other countries already recognized under an EU Commission adequacy decision, including Israel, Canada, New Zealand, Japan, and Switzerland.
The adequacy recognition allows for a more seamless flow of personal data from the ...
The European Data Protection Board (EDPB) has published its final recommendations for the necessary safeguards for transfers of personal data to destinations outside the European Economic Area (EEA), following the Schrems II decision in which the Court of Justice of the European Union (CJEU) held that personal data transferred from the EEA to a destination outside the EEA must be ...
The European Commission issued two new sets of standard contractual clauses (SCC) which can be used to legalize the transfer and processing of personal data that is subject to the GDPR. The first set is SCCs for international transfers, which may be used when transferring personal data to destinations that are outside the European Economic Area (EEA) in countries that ...
New user? Click here to register